Novel Implementation of O-Pass Security Model Design of User Authentication for Password Stealing and Reuse Attacks
Journal Title: INTERNATIONAL JOURNAL OF COMPUTER TRENDS & TECHNOLOGY - Year 2014, Vol 7, Issue 2
Abstract
Text password is the most popular form of user authentication on websites due to its convenience and simplicity. However, users’ passwords are prone to be stolen and compromised under different threats and vulnerabilities. Firstly, users often select weak passwords and reuse the same passwords across different websites. Routinely reusing passwords causes a domino effect; when an adversary compromises one password, she will exploit it to gain access to more websites. Second, typing passwords into untrusted computers suffers password thief threat. An adversary can launch several password stealing attacks to snatch passwords, such as phishing, key loggers and malware. In this paper, we design a user authentication protocol named oPass which leverages a user’s cell phone and short message service to thwart password stealing and password reuse attacks. oPass only requires each participating website possesses a unique phone number, and involves a telecommunication service provider in registration and recovery phases. Through oPass, users only need to remember a long-term password for login on all websites. After evaluating the oPass prototype, we believe oPass is efficient and affordable compared with the conventional web authentication mechanisms. This paper provides a novel design and implementation of this OPass Security Model.
Authors and Affiliations
Dr. M. Ramabai , J. V. Prashanthi , P. Monika Raju , A. V. L Prasuna , M. Upendra Kumar
Keywords
Related Articles
- EP ID EP126125
- DOI -
- Views 118
- Downloads 0
Risk Management a t Universities Illegal Residents in Hostels & Fire Cases
Every organization/institution is exposed to some kinds of risks that can affect them in many ways. Risks like fire, theft, damage of assets, illegal intruders etc. can affect them strategically, financially and operatio...
Analysis of Email Fraud Detection Using WEKA Tool
Data mining is also being useful to give solutions for invasion finding and auditing. While data mining has several applications in protection, there are also serious privacy fears. Because of email mining, even inexperi...
An Improved Naive Bayes Classification to Enhance Image Registration
Image registration based classification is among the important image processing procedures in medical imaging and remote sensing, it has been developed and studied for a long time. Complex image registration issue arisin...
An Efficient Web Prediction Model Using Modified Markov Model with ANN
Web prediction is a classification problem in which we try to predict the preceding set of Web pages in which a user may visit supported on the knowledge of the previously visited pages. While serving the Internet user’s...
Locate Misplaced Objects! GPS-GSM-Bluetooth Enabled Tracking
Every house has had a history of searching for keys, pen-drives, wallets and hand-purses and it is such a tedious job, especially, when they are of utmost need. To reduce the hectic searching effort and time spent, a sys...